
Reverify externally verified gpg keys

What does this MR do and why?

  • Add externally_verified_at to gpg_keys
  • Reverify based on time since externally_verified_at rather than updated_at
  • Reverify keys even if they were previously externally invalid

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

How to set up and validate locally

Setup

  1. Add a gpg key
  2. Create a project
  3. Activate the Beyond Identity integration for the instance (e.g. http://gdk.test:3000/admin/application_settings/integrations/beyond_identity)

Test successful responses

  1. Modify the Beyond Identity check so that it always succeeds (https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/integrations/beyond_identity.rb#L71-73):

```ruby
def execute(params)
  # Short-circuit: returning nil here means no ApiError is raised, so the key is treated as externally valid.
  return
  ::Gitlab::BeyondIdentity::Client.new(self).execute(params)
end
```

  2. Create a signed commit and push it to the project
  3. Check that the gpg key has `externally_verified` set to true and `externally_verified_at` has been updated
  4. Add another gpg key and see that it is `externally_verified` and `externally_verified_at` has been set

Test unsuccessful responses

  1. Modify the Beyond Identity check so that it always fails (https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/models/integrations/beyond_identity.rb#L71-73):

```ruby
def execute(params)
  # Simulate the external verifier rejecting the key; the client call below is never reached.
  raise ::Gitlab::BeyondIdentity::Client::ApiError.new('simulated error', 500)
  ::Gitlab::BeyondIdentity::Client.new(self).execute(params)
end
```

  2. Set `externally_verified_at` for one of the gpg keys to earlier than 1 day ago (e.g. `gpg_key.update(externally_verified_at: 2.days.ago)`)
  3. Create a signed commit and try to push it to the project with that gpg key
  4. See that `externally_verified` is set to false and `externally_verified_at` has been set
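The two procedures above exercise one decision: a key is re-checked against the external verifier when `externally_verified_at` is older than a day (not when `updated_at` changes), the result is recorded whether it passed or failed, and a key that previously failed is re-checked as well. The following Ruby sketch is an added example of that policy written for this page; it is not the MR's code or GitLab's model. `GpgKey`, `SimulatedApiError`, `REVERIFY_AFTER`, `needs_external_verification?`, `reverify!` and the two verifier lambdas are all assumed names standing in for the real integration, and the sample keys are constructed inline.

```ruby
require 'time'

# Hypothetical stand-in for a gpg_keys row with the column this MR adds (assumption, not GitLab's model).
GpgKey = Struct.new(:id, :externally_verified, :externally_verified_at, :updated_at, keyword_init: true)

# Simulated error mirroring the shape of the ApiError raised in the test step above (assumed name).
class SimulatedApiError < StandardError
  attr_reader :code

  def initialize(msg, code)
    super(msg)
    @code = code
  end
end

# Re-check interval in seconds; the test procedure uses "earlier than 1 day ago" as the threshold.
REVERIFY_AFTER = 24 * 60 * 60

# True when the key must be re-checked externally. Keyed on externally_verified_at only:
# updated_at is deliberately ignored, and a key never checked (nil timestamp) always qualifies.
# A previously invalid key (externally_verified == false) is not exempt.
def needs_external_verification?(key, now: Time.now)
  return true if key.externally_verified_at.nil?

  (now - key.externally_verified_at) > REVERIFY_AFTER
end

# Run the external check through a caller-supplied verifier (a callable that returns on
# success or raises SimulatedApiError on failure) and record the outcome on the key.
# Returns the key's new externally_verified value, or nil when no check was due.
def reverify!(key, verifier, now: Time.now)
  return nil unless needs_external_verification?(key, now: now)

  begin
    verifier.call(key)
    key.externally_verified = true
  rescue SimulatedApiError
    key.externally_verified = false
  end
  # Stamped on both outcomes so a failed key is not re-checked on every push.
  key.externally_verified_at = now
  key.externally_verified
end

# Stand-ins for the two modified execute bodies in the test steps above.
SUCCESS_VERIFIER = ->(_key) { nil }
FAILING_VERIFIER = ->(_key) { raise SimulatedApiError.new('simulated error', 500) }

# Walk the four cases the procedures cover with constructed sample keys and return the outcomes.
def demo
  now = Time.utc(2024, 8, 1, 12, 0, 0)
  day = 86_400
  fresh   = GpgKey.new(id: 1, externally_verified: true,  externally_verified_at: now - 3600,    updated_at: now - 30 * day)
  stale   = GpgKey.new(id: 2, externally_verified: true,  externally_verified_at: now - 2 * day, updated_at: now)
  invalid = GpgKey.new(id: 3, externally_verified: false, externally_verified_at: now - 2 * day, updated_at: now)
  unseen  = GpgKey.new(id: 4, externally_verified: nil,   externally_verified_at: nil,           updated_at: now)

  {
    fresh_skipped:     reverify!(fresh, FAILING_VERIFIER, now: now).nil?,   # recent check, verifier not called
    stale_now_invalid: reverify!(stale, FAILING_VERIFIER, now: now),        # false
    invalid_recovers:  reverify!(invalid, SUCCESS_VERIFIER, now: now),      # true: previously invalid keys are re-checked
    unseen_verified:   reverify!(unseen, SUCCESS_VERIFIER, now: now),       # true
    stamped:           stale.externally_verified_at == now
  }
end

puts demo.inspect if $PROGRAM_NAME == __FILE__
```

The `fresh` key has a very old `updated_at` but a recent `externally_verified_at`, so it is skipped even with the failing verifier in place; that is the behaviour change the first bullet of this MR describes. Setting `externally_verified_at` on the failure path matters: without it a key that failed once would hit the external service on every subsequent push.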

Related to #473193 (closed)
